Commit Graph

239 Commits

Author SHA1 Message Date
Robin Appelman 24f0151f81 handle locked exceptions when getting file/directory info in sabre 2015-06-17 14:13:10 +02:00
Thomas Müller d2305f2527 Merge pull request #16729 from owncloud/scanner-read-lock
keep a read lock while scanning a file or folder
2015-06-17 11:52:54 +02:00
Vincent Petry 1f91e9e65d Convert invalid path exception to sabre exception on MOVE 2015-06-15 17:49:11 +02:00
Robin Appelman 7d72f7d8ce keep a read lock while scanning a file or folder 2015-06-15 14:32:29 +02:00
Thomas Müller b6165b6865 Merge pull request #16912 from owncloud/webdav-smalltransferlockfix
Webdav PUT small file lock must be shared during hooks
2015-06-15 11:30:59 +02:00
Vincent Petry 4497aa4c68 Webdav PUT small file lock must be shared during hooks
Fixed code path for Webdav PUT of small files to use shared locks during
hook execution, and exclusive during the file operation

This makes it possible for versions to be copied by accessing the file
in a post_write hook.
2015-06-12 18:52:18 +02:00
Robin Appelman 05cecb101d verify path when getting a node for sabredav 2015-06-11 17:11:33 +02:00
Vincent Petry f13a2d9251 Revert "verify path when getting a node for sabredav" 2015-06-11 15:25:06 +02:00
Robin Appelman 4d10dab813 verify path when getting a node for sabredav 2015-06-11 14:12:04 +02:00
Vincent Petry 6ae5ae2e31 Prevent deleting Webdav root 2015-06-05 16:55:09 +02:00
Joas Schilling 1df95ea1ca Fix "@throws" tags on doc blocks 2015-06-05 13:55:59 +02:00
Vincent Petry 06dda427f3 Validate path in getChild 2015-06-05 12:08:18 +02:00
Vincent Petry 6ab38be40e Translate invalid path exception to sabre exception for files 2015-06-03 12:22:31 +02:00
Vincent Petry 270a10b754 Return 423 instead of 503 for locked files 2015-06-01 13:24:02 +02:00
Vincent Petry 0451a6652d Move locking exceptions 2015-06-01 13:24:02 +02:00
Vincent Petry ba174ac626 Convert LockedException to FileLocked in Sabre connector
For Sabre to be able to return the proper error code instead of 500, the
LockedException is now rethrown as FileLocked exception in the Sabre
connector
2015-06-01 13:22:57 +02:00
Robin Appelman 8665a98744 add locking for non-chunking webdav upload 2015-06-01 13:22:57 +02:00
Robin Appelman 668fafd4d2 close file handle after sending sabre response 2015-06-01 13:22:56 +02:00
Vincent Petry 06f8c80af6 Validate target file name for some webdav ops 2015-05-29 19:14:38 +02:00
Lukas Reschke ffd73ef2e4 Fix indentation 2015-05-27 14:57:19 +02:00
Scrutinizer Auto-Fixer fdbc21fc6c Scrutinizer Auto-Fixes
This commit consists of patches automatically generated for this project on https://scrutinizer-ci.com
2015-05-19 11:23:06 +00:00
Morris Jobke 7ee3f99a4a Merge pull request #16364 from owncloud/add-warning-webdav
Add notice that WebDAV interface is not intended for browsers
2015-05-18 11:28:47 +02:00
Joas Schilling 0991c0cc02 Merge pull request #16292 from owncloud/webdav-storage-fireprehooks
Fire prehooks when uploading directly to storage
2015-05-15 15:08:27 +02:00
Lukas Reschke 13778893d9 Add notice that WebDAV interface is not intended for browsers
Fixes https://github.com/owncloud/core/issues/16359
2015-05-15 09:07:39 +02:00
Vincent Petry 3cae0135ad Fire prehooks when uploading directly to storage 2015-05-13 17:47:04 +02:00
Robin Appelman 11e1acd8ec fix webdav quota check for the root of the dav endpoint 2015-05-12 14:02:27 +02:00
Robin Appelman 06a65fab13 use cross storage move when renaming the part file during webdav put 2015-05-07 14:28:31 +02:00
Robin Appelman 2e897f05b1 triger propagation for webdav uploads
use post hooks for share etag propagator
2015-04-27 14:07:16 +02:00
Lukas Reschke b9df932e3c Merge pull request #15683 from owncloud/block-legacy-clients
Block old legacy clients
2015-04-24 18:21:10 +02:00
Lukas Reschke ab9ea97d3a Catch not existing User-Agent header
In case of an not sent UA header consider the client as valid
2015-04-23 16:33:51 +02:00
Lukas Reschke ed0b465cf9 Use 403 instead a 50x response 2015-04-20 12:53:40 +02:00
Lukas Reschke 4ea205e262 Block old legacy clients
This Pull Request introduces a SabreDAV plugin that will block all older clients than 1.6.1 to connect and sync with the ownCloud instance.

This has multiple reasons:

1. Old ownCloud client versions before 1.6.0 are not properly working with sticky cookies for load balancers and thus generating sessions en masse
2. Old ownCloud client versions tend to be horrible buggy

In some cases we had in 80minutes about 10'000 sessions created by a single user. While this change set does not really "fix" the problem as 3rdparty legacy clients are affected as well, it is a good work-around and hopefully should force users to update their client
2015-04-20 11:12:17 +02:00
Vincent Petry ffc796edcb Do not trash part files, delete directly 2015-04-21 18:28:15 +02:00
Morris Jobke e33e5b425a Merge pull request #12006 from owncloud/dav-put-storage
Work directly on the storage when uploading over webdav
2015-04-15 03:08:52 +02:00
Robin Appelman eeecca04e6 Keep phpdoc updated. 2015-04-14 16:25:52 +02:00
Robin Appelman 308af8b909 pass a stream to the tests 2015-04-14 15:25:52 +02:00
Robin Appelman 2fd44dbde4 rewind and update error message 2015-04-13 14:14:48 +02:00
Robin Appelman dcfe014103 use our own stream copy instead 2015-04-13 14:13:21 +02:00
Robin Appelman 8af106cc75 block webdav in single user mode 2015-04-09 15:56:41 +02:00
Robin Appelman cbcee34eb0 update tests 2015-04-09 14:46:25 +02:00
Robin Appelman 6a59502759 Work directly on the storage when uploading over webdav 2015-04-08 14:04:58 +02:00
Thomas Müller 161d80da5b In case of encryption exceptions we return 503 - this will allow the client to retry 2015-04-07 14:17:42 +02:00
Thomas Müller 664b2bb7af cleaning up exception mess 2015-04-07 13:30:30 +02:00
Thomas Müller bf809ac85a Removing left overs from old encryption app 2015-04-07 13:30:29 +02:00
Thomas Müller dbdd754c3f Further cleanup of files_encryption 2015-04-07 13:30:28 +02:00
Thomas Müller 00338f9dca Removing files_encryption left overs 2015-04-07 13:30:28 +02:00
Vincent Petry 7ad4dfa201 Merge pull request #15227 from owncloud/ocetag-header
Copy Etag header to OC-Etag for sabre calls
2015-03-27 13:10:27 +01:00
Morris Jobke e8109f0bc3 Merge pull request #13802 from owncloud/share-partfilepermissions
Fix share permission checks
2015-03-26 22:01:05 +01:00
Lukas Reschke 8ebe667202 Remove unneeded argument 2015-03-26 20:45:39 +01:00
Lukas Reschke 55fd0082aa Serve all files with a Content-Disposition of 'attachment' via WebDAV
As an additional security hardening it's sensible to serve these files with a Content-Disposition of 'attachment'. Currently they are served 'inline' and get a "secure mimetype" assigned in case of potential dangerous files.

To test this change ensure that:

- [ ] Syncing with the Desktop client still works
- [ ] Syncing with the Android client still works
- [ ] Syncing with the iOS client still works

I verified that the 1.8 OS X and iOS client still work with this change.
2015-03-26 20:01:05 +01:00